[122858] in North American Network Operators' Group
Re: DNS server software
daemon@ATHENA.MIT.EDU (Paul Vixie)
Mon Feb 22 14:27:51 2010
To: nanog@merit.edu
From: Paul Vixie <vixie@isc.org>
Date: Mon, 22 Feb 2010 19:27:02 +0000
In-Reply-To: <c3a174021002220616g76f0304bh84ae892dfc9280a6@mail.gmail.com>
(Claudio Lapidus's message of "Mon\,
22 Feb 2010 11\:16\:52 -0300")
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Claudio Lapidus <clapidus@gmail.com> writes:
> We are a mid-sized carrier (1.2M broadband subscribers) and we are
> looking for an upgrade in our public DNS resolver infrastructure, so we
> are interested in getting to know what are you guys using in your
> networks. Mainly what kind/brand of software and which architecture did
> you use to deploy it, and how did you do the sizing, all of it would be
> most helpful information.
Unsurprisingly, we (AS1280, AS3557) run BIND 9. see <http://www.isc.org/>.
We have at least two recursives in each AS1280 site, and one in each
AS3557 location (f-root). Stubs (either /etc/resolv.conf or DHCP) each use
all local plus some non-local, for a minimum of three total. Recursive DNS
servers do not use forwarding or other cache-sharing techniques, each is
fully independent. Most have DNSSEC validation enabled, and of those, all
are subscribed to ISC DLV, see <http://dlv.isc.org/>. Most server hosts
here run FreeBSD on AMD64/EM64T or else i386.
--
Paul Vixie
KI6YSY
